Every now and then, a new Facebook scam pops up that takes advantage of the users' curiosity and lures them in by promising to allow them to view who has visited their profile. It is actually amazing how many people fall for it each time - even with all the warnings that you can find about it on the Internet.

The latest one repeats the usual pattern: a friend of the victims has fallen for the scam and his status now contains the very typical OMG OMG OMG... I cant believe this actually works! Now you really can see who viewed your profile! on [BIT.LY LINK] message. The victims are intrigued, and click on the link which lands them on a webpage that offers them the application that will supposedly allow them to see their profile's visitors:

To install the application (called ePrivacy), the users must give it permission to access their basic information, send them e-mails, post on their walls, access their data any time and even manage any of the pages they are administrators of.

Surprisingly enough, this request apparently doesn't trigger the alarm bell with many users. As soon the victims allow the application to do all that, the same message they fell for is posted as their status message, ready to lure in other curious users.

According to Sophos, the current campaign uses a number of different links, but they all point to the same page. An inquiry into just one of those showed that some 60,000 people have already clicked on it. It doesn't mean they all "installed" the application, but if only one of them did, it is still one victim to many.

If the "ProfileSpy" logo with the black hat icon looks familiar, it is because the same scammers have run a nearly identical campaign some 5 months ago. Back then, they also tried to get victims to register for a mobile service that costs $19.99 per month.

Spotlight

By working with the DevOps team, you can ensure that the production environment is more predictable, auditable and more secure than before. The key is to integrate your security requirements into the DevOps pipeline.

A critical vulnerability in ANTlabs InnGate devices, a popular Internet gateway for visitor-based networks and commonly installed in hotels and convention centers, has been discovered. The flaw could allow an attacker to monitor or tamper with traffic to and from any hotel WiFi user's connection.

In this interview, Raj Samani, VP and CTO EMEA at Intel Security, talks about successful information security strategies aimed at the critical infrastructure, government challenges, the role of regulation, and more.